Resolve a spam issue coming from your own email address

This guide explains how email identity spoofing works and which protective measures apply to unwanted messages that appear to come from your own domain.

Has my account been used without my knowledge?

Receiving an email that seems to come from you is a common psychological manipulation technique. This does not mean that your mailbox has been hacked. In most cases, it is a simple forgery of the "From" header, similar to someone writing your address on the back of a paper envelope before mailing it.

Make sure your own address is not listed in the allowlist (whitelist) of your antispam filter. If it is, the protection system skips the security analysis and treats the message as legitimate.

Diagnosis: Spoofing vs Hacking

It is crucial to distinguish forgery (mail forging) from intrusion. The global email sending protocol (SMTP) was designed without native verification of the sender's identity.

Although Infomaniak's infrastructure applies strict security standards, it is technically impossible to prevent an unsecured third-party (external) server, located anywhere in the world, from sending a message pretending to be you. However, tools exist so that these messages are detected or blocked on your recipients' side.

Strengthening the integrity of your domain

To protect your digital reputation and limit the impact of these spoofing attempts, deploying authentication protocols is the professional standard:

  • SPF & DKIM: These digital signatures certify that your messages indeed come from our authorized servers.
  • DMARC: This essential protocol allows you to give instructions to servers worldwide (e.g., "If the email is not signed by Infomaniak, reject it or mark it as spam"). It is the most powerful tool for analyzing and limiting the fraudulent use of your domain.
  • Catch-all management: Avoid using a catch-all type address, which collects all messages sent to non-existent addresses in your domain, as it naturally attracts massive spam flows.
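
Added example, not part of the original FAQ or of Infomaniak's tooling: the spoofing-versus-hacking diagnosis can be read from the Authentication-Results header that a receiving server adds after evaluating SPF, DKIM and DMARC. It assumes your provider writes that header and removes forged copies bearing its own authserv-id; the addresses, the authserv-id `mx.example.net` and the `diagnose` function are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed samples. example.com stands for your domain, mx.example.net for
# the receiving server's authserv-id (both are placeholders).
SPOOFED = """\
Authentication-Results: mx.example.net;
 spf=fail smtp.mailfrom=bounce@bulk.invalid;
 dkim=none; dmarc=fail header.from=example.com
From: "Me" <me@example.com>
To: me@example.com
Subject: Your account

(body)
"""
AUTHENTICATED = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=me@example.com;
 dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: me@example.com
To: me@example.com
Subject: test

(body)
"""

def diagnose(raw, my_address, trusted_authserv):
    msg = message_from_string(raw)
    if parseaddr(msg.get("From", ""))[1].lower() != my_address.lower():
        return "not-self"
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, rest = header.partition(";")
        # Only trust results stamped by your own receiving server; a header
        # carrying any other authserv-id may have been written by the sender.
        if (authserv.split() or [""])[0].lower() != trusted_authserv.lower():
            continue
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest):
            results.setdefault(method, verdict.lower())
    dmarc = results.get("dmarc")
    if dmarc == "pass":
        return "authenticated"  # left an authorized server: review the account
    if dmarc == "fail":
        return "spoofed"        # forged From header, mailbox not involved
    return "unknown"            # no trusted DMARC verdict: inspect manually

if __name__ == "__main__":
    for sample in (SPOOFED, AUTHENTICATED):
        print(diagnose(sample, "me@example.com", "mx.example.net"))
```

A "spoofed" result matches the forged-envelope case described above, while "authenticated" on a message you never wrote is the case that warrants changing the password and reviewing account access.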


Failure Notifications (Backscatter)

If you receive non-delivery reports (NDRs) for messages you never wrote, you are facing the backscatter phenomenon. Poorly configured third-party servers or botnets use your identity to mass-distribute content. When they encounter a non-existent address, the remote server returns the error to the displayed sender: you.

